1 files changed, 10 insertions, 19 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 637a789dd1..d559e7148a 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.378 2022/01/08 12:54:32 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.379 2022/01/08 12:59:59 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -511,8 +511,15 @@ struct ssl_session_st {
         * not_resumable_session_cb to disable session caching and tickets. */
        int not_resumable;
-        /* The cert is the certificate used to establish this connection */
+        STACK_OF(X509) *cert_chain; /* as received from peer */
-        struct sess_cert_st /* SESS_CERT */ *sess_cert;
+        /* The 'peer_...' members are used only by clients. */
+        int peer_cert_type;
+        /* Obviously we don't have the private keys of these,
+         * so maybe we shouldn't even use the SSL_CERT_PKEY type here. */
+        SSL_CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */
+        SSL_CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
        size_t tlsext_ecpointformatlist_length;
        uint8_t *tlsext_ecpointformatlist; /* peer's list */
@@ -1216,20 +1223,6 @@ typedef struct ssl3_state_st {
        struct ssl3_state_internal_st *internal;
 } SSL3_STATE;
-typedef struct sess_cert_st {
-        STACK_OF(X509) *cert_chain; /* as received from peer */
-        /* The 'peer_...' members are used only by clients. */
-        int peer_cert_type;
-        SSL_CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */
-        SSL_CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
-        /* Obviously we don't have the private keys of these,
-         * so maybe we shouldn't even use the SSL_CERT_PKEY type here. */
-        int references; /* actually always 1 at the moment */
-} SESS_CERT;
 /*#define SSL_DEBUG     */
 /*#define RSA_DEBUG     */
@@ -1295,8 +1288,6 @@ int ssl_cert_set1_chain(SSL_CERT *c, STACK_OF(X509) *chain);
 int ssl_cert_add0_chain_cert(SSL_CERT *c, X509 *cert);
 int ssl_cert_add1_chain_cert(SSL_CERT *c, X509 *cert);
-SESS_CERT *ssl_sess_cert_new(void);
-void ssl_sess_cert_free(SESS_CERT *sc);
 int ssl_get_new_session(SSL *s, int session);
 int ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block,
    int *alert);

diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 637a789dd1..d559e7148a 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.378 2022/01/08 12:54:32 jsing Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.379 2022/01/08 12:59:59 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -511,8 +511,15 @@ struct ssl_session_st {
511	* not_resumable_session_cb to disable session caching and tickets. */	511	* not_resumable_session_cb to disable session caching and tickets. */
512	int not_resumable;	512	int not_resumable;
513		513
514	/* The cert is the certificate used to establish this connection */	514	STACK_OF(X509) cert_chain; / as received from peer */
515	struct sess_cert_st /* SESS_CERT / sess_cert;	515
		516	/* The 'peer_...' members are used only by clients. */
		517	int peer_cert_type;
		518
		519	/* Obviously we don't have the private keys of these,
		520	* so maybe we shouldn't even use the SSL_CERT_PKEY type here. */
		521	SSL_CERT_PKEY peer_key; / points to an element of peer_pkeys (never NULL!) */
		522	SSL_CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
516		523
517	size_t tlsext_ecpointformatlist_length;	524	size_t tlsext_ecpointformatlist_length;
518	uint8_t tlsext_ecpointformatlist; / peer's list */	525	uint8_t tlsext_ecpointformatlist; / peer's list */
@@ -1216,20 +1223,6 @@ typedef struct ssl3_state_st {
1216	struct ssl3_state_internal_st *internal;	1223	struct ssl3_state_internal_st *internal;
1217	} SSL3_STATE;	1224	} SSL3_STATE;
1218		1225
1219	typedef struct sess_cert_st {
1220	STACK_OF(X509) cert_chain; / as received from peer */
1221
1222	/* The 'peer_...' members are used only by clients. */
1223	int peer_cert_type;
1224
1225	SSL_CERT_PKEY peer_key; / points to an element of peer_pkeys (never NULL!) */
1226	SSL_CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
1227	/* Obviously we don't have the private keys of these,
1228	* so maybe we shouldn't even use the SSL_CERT_PKEY type here. */
1229
1230	int references; /* actually always 1 at the moment */
1231	} SESS_CERT;
1232
1233	/#define SSL_DEBUG /	1226	/#define SSL_DEBUG /
1234	/#define RSA_DEBUG /	1227	/#define RSA_DEBUG /
1235		1228
@@ -1295,8 +1288,6 @@ int ssl_cert_set1_chain(SSL_CERT c, STACK_OF(X509) chain);
1295	int ssl_cert_add0_chain_cert(SSL_CERT c, X509 cert);	1288	int ssl_cert_add0_chain_cert(SSL_CERT c, X509 cert);
1296	int ssl_cert_add1_chain_cert(SSL_CERT c, X509 cert);	1289	int ssl_cert_add1_chain_cert(SSL_CERT c, X509 cert);
1297		1290
1298	SESS_CERT *ssl_sess_cert_new(void);
1299	void ssl_sess_cert_free(SESS_CERT *sc);
1300	int ssl_get_new_session(SSL *s, int session);	1291	int ssl_get_new_session(SSL *s, int session);
1301	int ssl_get_prev_session(SSL s, CBS session_id, CBS *ext_block,	1292	int ssl_get_prev_session(SSL s, CBS session_id, CBS *ext_block,
1302	int *alert);	1293	int *alert);